For investment banks, cyber spooks and hackers are the new gatekeepers.

Banks including JP Morgan, Citigroup and Bank of America Merrill Lynch all have cyber security intelligence roles currently advertised on their websites, while a City of London headhunter said a number of large European banks are also looking for candidates to help identify and counter threats to their cyber security.

Banks have traditionally hired specialised contractors or consultancy firms to help with these security efforts but Chris Powell, who heads the information security team at recruitment firm Digital Gurus, said banks are now looking at expanding in-house.

He said: “Banks are doing their direct hiring now.”

The hiring is two-fold, according to headhunters and consultants: banks are looking to recruit individuals to proactively identify potential cyber threats, as well as so-called "ethical hackers" to help them run tests on their internal systems.

The demand is being driven by an increase in threats and heightened awareness among senior management at banks of the need to defend against attacks.

“It’s an area that has been under-invested in for quite a while, so the demand hasn’t necessarily been at the forefront like it is now for cyber security specialists,” said Chris Kipphut, director in financial services at EY.

In an annual letter to shareholders in April, Jamie Dimon, the chairman and chief executive of JP Morgan, said the bank would increase cyber security headcount from 600 to 1,000 by the end of 2014. The bank’s annual spend in this area is also expected to rise to $250 million from $200 million in 2012, according to the letter.

Related

Dimon wrote that the fight to stay ahead of risks will likely be “never-ending”, adding: “unfortunately, not every battle will be won”.

Almost a third of respondents to the latest global information security survey from EY reported an at least 5% increase in the number of security incidents related to their technology infrastructures.

In the same survey published last October, 43% of respondents – which included those from within the banking sector – said their information security budgets were on the rise but a similar percentage pointed to a lack of available expertise.

John Macleod, head of specialist search and cyber and information security at recruitment firm BPS World, said that the cyber security market had "taken off at extraordinary speed" over the past 18 months but added that there was a lack of suitable candidates from within financial services to meet the demand.

The military is a particularly attractive hunting ground for banks looking to hire people to help spot potential cyber threats - a role that requires similar skills to those of a threat intelligence analyst working in the defence sector. Ruth Anderson, a senior manager in information assurance and cyber security at KPMG and a former army intelligence officer, said candidates were in high demand “with banks becoming more and more the target of nation states, hacktivism, or geopolitically motivated organisations”.

Alex Petsopoulos, a partner in Deloitte’s security and resilience practice, said: “People from the military are very good at handling incidents because they are used to that command and control structure. They are used to dealing with pressured situations and you do really need that kind of individual when you are dealing with a major breach.”

Consultants and headhunters are also seeing a need for ethical hackers; individuals who attempt to penetrate networks and computer systems to test their resilience.

Demand in this area in the UK is fuelled in part by CBEST, a new programme launched by the Bank of England that aims to test the robustness of financial institutions in the face of cyber attacks.

The financial organisations regulated by the central bank's s Financial Policy Committee – which includes the largest investment banks and the London Stock Exchange – will take part in the tests that will begin in the coming months.